Improve image pull performance from http 1.1 container registries#4653
Merged
estesp merged 3 commits intocontainerd:masterfrom Nov 16, 2020
Merged
Improve image pull performance from http 1.1 container registries#4653estesp merged 3 commits intocontainerd:masterfrom
estesp merged 3 commits intocontainerd:masterfrom
Conversation
Private registries that does not support http 2.0 such as Azure Container Registry streams back content in a max of 16KB chunks (max TLS record size). The small chunks introduce an overhead when copying the layers to the content store sine each chunk incurs the overhead of grpc message that has to be sent to the content store. This change reduces this overhead by buffering the chunks into 1MB chunks and only then writes a message to the content store. Below is a per comparsion between the 2 approaches using a couple of large images that are being pulled from the docker hub (http 2.0) and a private Azure CR (http 1.1) in seconds. image | Buffered copy | master ------- |---------------|---------- docker.io/pytorch/pytorch:latest | 55.63 | 58.33 docker.io/nvidia/cuda:latest | 72.05 | 75.98 containerdpulltest.azurecr.io/pytorch/pytorch:latest | 61.45 | 77.1 containerdpulltest.azurecr.io/nvidia/cuda:latest | 77.13 | 85.47 Signed-off-by: Amr Mahdi <[email protected]>
|
Hi @amrmahdi. Thanks for your PR. I'm waiting for a containerd member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
Build succeeded.
|
Member
|
/ok-to-test |
cpuguy83
reviewed
Oct 26, 2020
Member
|
Looks like you are missing DCO on the 2nd commit. |
Signed-off-by: Amr Mahdi <[email protected]>
amrmahdi
force-pushed
the
amrh/optimize-content-transfer
branch
from
a8a70ea to
f6834d4
Compare
|
Build succeeded.
|
mikebrow
reviewed
Nov 2, 2020
Signed-off-by: Amr Mahdi <[email protected]>
amrmahdi
force-pushed
the
amrh/optimize-content-transfer
branch
from
ec7cd79 to
b81917e
Compare
|
Build succeeded.
|
Member
|
@mikebrow LGTY? |
Member
|
Maintainers can merge this PR since there are two approvals. |
amrmahdi
pushed a commit
to amrmahdi/containerd
that referenced
this pull request
Nov 18, 2020
…t-transfer Improve image pull performance from http 1.1 container registries (cherry picked from commit cc3785c) Signed-off-by: Amr Mahdi <[email protected]>
fuweid
added
the
cherry-picked/1.4.x
thaJeztah
added a commit
to thaJeztah/containerd-packaging
that referenced
this pull request
Nov 26, 2020
- Update to containerd 1.4.2 - Update Golang runtime to 1.15.5 Upstream containerd 1.4.2 release notes: https://github.com/containerd/containerd/releases/tag/v1.4.2 Welcome to the v1.4.2 release of containerd! ------------------------------------------------------ The second patch release for containerd 1.4 includes multiple minor fixes and updates. Notable Updates - Fix bug limiting the number of layers by default containerd/cri#1602 - Fix selinux shared memory issue by relabeling /dev/shm containerd/cri#1605 - Fix unknown state preventing removal of containers containerd/containerd#4656 - Fix nil pointer error when restoring checkpoint containerd/containerd#4754 - Improve image pull performance when using HTTP 1.1 containerd/containerd#4653 - Update default seccomp profile for pidfd containerd/containerd#4730 - Update Go to 1.15 Windows - Fix integer overflow on Windows containerd/containerd#4589 - Fix lcow snapshotter to read trailing tar data containerd/containerd#4628 Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah
added a commit
to thaJeztah/docker
that referenced
this pull request
Nov 26, 2020
NOTE: the Dockerfile currently uses a single version of Golang for all
stages. This means that currently, all binaries are built with Go
1.13.x, including the containerd binary; upstream containerd switched
to use Go 1.15.
full diff: containerd/containerd@v1.4.1...v1.4.2
Release notes:
Welcome to the v1.4.2 release of containerd!
------------------------------------------------------
The second patch release for containerd 1.4 includes multiple minor fixes
and updates.
Notable Updates
- Fix bug limiting the number of layers by default containerd/cri#1602
- Fix selinux shared memory issue by relabeling /dev/shm containerd/cri#1605
- Fix unknown state preventing removal of containers containerd/containerd#4656
- Fix nil pointer error when restoring checkpoint containerd/containerd#4754
- Improve image pull performance when using HTTP 1.1 containerd/containerd#4653
- Update default seccomp profile for pidfd containerd/containerd#4730
- Update Go to 1.15
Windows
- Fix integer overflow on Windows containerd/containerd#4589
- Fix lcow snapshotter to read trailing tar data containerd/containerd#4628
Signed-off-by: Sebastiaan van Stijn <[email protected]>
docker-jenkins
pushed a commit
to docker-archive/docker-ce
that referenced
this pull request
Nov 30, 2020
NOTE: the Dockerfile currently uses a single version of Golang for all
stages. This means that currently, all binaries are built with Go
1.13.x, including the containerd binary; upstream containerd switched
to use Go 1.15.
full diff: containerd/containerd@v1.4.1...v1.4.2
Release notes:
Welcome to the v1.4.2 release of containerd!
------------------------------------------------------
The second patch release for containerd 1.4 includes multiple minor fixes
and updates.
Notable Updates
- Fix bug limiting the number of layers by default containerd/cri#1602
- Fix selinux shared memory issue by relabeling /dev/shm containerd/cri#1605
- Fix unknown state preventing removal of containers containerd/containerd#4656
- Fix nil pointer error when restoring checkpoint containerd/containerd#4754
- Improve image pull performance when using HTTP 1.1 containerd/containerd#4653
- Update default seccomp profile for pidfd containerd/containerd#4730
- Update Go to 1.15
Windows
- Fix integer overflow on Windows containerd/containerd#4589
- Fix lcow snapshotter to read trailing tar data containerd/containerd#4628
Signed-off-by: Sebastiaan van Stijn <[email protected]>
Upstream-commit: 703951197c3338631ee0529dd9dd814d16f037f0
Component: engine
thaJeztah
added a commit
to thaJeztah/containerd-packaging
that referenced
this pull request
Dec 2, 2020
- Update to containerd 1.4.2 - Update Golang runtime to 1.15.5 Upstream containerd 1.4.2 release notes: https://github.com/containerd/containerd/releases/tag/v1.4.2 Welcome to the v1.4.2 release of containerd! ------------------------------------------------------ The second patch release for containerd 1.4 includes multiple minor fixes and updates. Notable Updates - Fix bug limiting the number of layers by default containerd/cri#1602 - Fix selinux shared memory issue by relabeling /dev/shm containerd/cri#1605 - Fix unknown state preventing removal of containers containerd/containerd#4656 - Fix nil pointer error when restoring checkpoint containerd/containerd#4754 - Improve image pull performance when using HTTP 1.1 containerd/containerd#4653 - Update default seccomp profile for pidfd containerd/containerd#4730 - Update Go to 1.15 Windows - Fix integer overflow on Windows containerd/containerd#4589 - Fix lcow snapshotter to read trailing tar data containerd/containerd#4628 Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah
added a commit
to thaJeztah/docker
that referenced
this pull request
Feb 12, 2021
NOTE: the Dockerfile currently uses a single version of Golang for all
stages. This means that currently, all binaries are built with Go
1.13.x, including the containerd binary; upstream containerd switched
to use Go 1.15.
full diff: containerd/containerd@v1.4.1...v1.4.2
Release notes:
Welcome to the v1.4.2 release of containerd!
------------------------------------------------------
The second patch release for containerd 1.4 includes multiple minor fixes
and updates.
Notable Updates
- Fix bug limiting the number of layers by default containerd/cri#1602
- Fix selinux shared memory issue by relabeling /dev/shm containerd/cri#1605
- Fix unknown state preventing removal of containers containerd/containerd#4656
- Fix nil pointer error when restoring checkpoint containerd/containerd#4754
- Improve image pull performance when using HTTP 1.1 containerd/containerd#4653
- Update default seccomp profile for pidfd containerd/containerd#4730
- Update Go to 1.15
Windows
- Fix integer overflow on Windows containerd/containerd#4589
- Fix lcow snapshotter to read trailing tar data containerd/containerd#4628
Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 7039511)
Signed-off-by: Sebastiaan van Stijn <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
8 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Private registries that does not support http 2.0 such as Azure Container Registry streams back content in a max of 16KB chunks (max TLS record size). The small chunks introduce an overhead when copying the layers to the content store sine each chunk incurs the overhead of grpc message that has to be sent to the content store.
This change reduces this overhead by buffering the chunks into 1MB chunks and only then writes a message to the content store.
Below is a per comparsion between the 2 approaches using a couple of large images that are being pulled from the docker hub (http 2.0) and a private Azure CR (http 1.1) in seconds.
Test setup:
Signed-off-by: Amr Mahdi [email protected]